From 9340eb319c1bbeeeecd1309f7d4eb2cc93fba757 Mon Sep 17 00:00:00 2001 From: mohsentaba Date: Sat, 3 Jan 2026 12:04:41 +0330 Subject: [PATCH] configuration debug --- apps/account/views/user.py | 12 ++++++++---- apps/hadis/urls.py | 5 +++-- apps/hadis/views/category.py | 25 ++++++++++++++++++++++++- docker-compose.prod.yml | 4 ++-- 4 files changed, 37 insertions(+), 9 deletions(-) diff --git a/apps/account/views/user.py b/apps/account/views/user.py index 5f7bf05..8a03ec3 100644 --- a/apps/account/views/user.py +++ b/apps/account/views/user.py @@ -113,6 +113,9 @@ class UserGuestView(CreateAPIView): return obj +import hashlib +from rest_framework.authtoken.models import Token + class WebUserGuestView(CreateAPIView): permission_classes = [AllowAny] serializer_class = WebUserGuestSerializer @@ -134,7 +137,8 @@ class WebUserGuestView(CreateAPIView): @staticmethod def generate_login_token(user): - token, created = Token.objects.update_or_create(user=user) + # ✅ FIX 2: Prevent token rotation on every login + token, created = Token.objects.get_or_create(user=user) return token.key def get_client_ip(self): @@ -152,13 +156,13 @@ class WebUserGuestView(CreateAPIView): return self.request.META.get('HTTP_USER_AGENT', '') def create(self, request, *args, **kwargs): - # Override to pass data to serializer data = request.data.copy() client_ip = self.get_client_ip() user_agent = self.get_user_agent() - # Create unique device_id for web user - web_user_id = f"{client_ip}_{hash(user_agent) % 1000000}" + # ✅ FIX 1: Stable Hash (MD5) instead of random hash() + ua_hash = hashlib.md5(user_agent.encode('utf-8')).hexdigest()[:8] + web_user_id = f"{client_ip}_{ua_hash}" data.update({ 'device_id': web_user_id, diff --git a/apps/hadis/urls.py b/apps/hadis/urls.py index 4d832a2..2bb3849 100644 --- a/apps/hadis/urls.py +++ b/apps/hadis/urls.py 
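Review bot: The two imports added in the `@@ -113,6 +113,9 @@` hunk sit in the middle of the module, directly above `WebUserGuestView`, rather than in the import block at the top of `apps/account/views/user.py`. `Token` was already referenced by the old `update_or_create` line, so it is presumably imported at the top already and the second import may be redundant; that should be checked against the file header, which is outside the hunk. I would move `import hashlib` to the stdlib group at the top and drop or merge the `Token` import there.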
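Review bot: The comment added in `generate_login_token` overstates the change, and the lifetime of the key is left undocumented. As far as DRF's `Token` model behaves, `update_or_create(user=user)` without `defaults` does not regenerate an existing key, so the switch to `get_or_create` mainly avoids a redundant write rather than stopping rotation. The practical consequence is that a guest user's key is permanent: DRF tokens carry no expiry, and this view is `AllowAny`. I would replace the comment with something like `# Reuse the user's existing key; DRF tokens never expire, so revocation means deleting the Token row`, and decide separately whether guest tokens need an expiry policy.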
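Review bot: In `create`, `web_user_id` is derived only from the client IP and the first 8 hex characters of an MD5 of the User-Agent, so the resulting `device_id` is neither unique nor secret. Clients behind one NAT address with the same browser produce the same value, and the User-Agent header is entirely caller-supplied. If the serializer, which is not visible in this hunk, looks the guest user up by `device_id`, those clients would share one account and, with `get_or_create` above, one token. Consider issuing a server-generated random identifier such as `uuid.uuid4().hex` that the client stores and sends back, instead of deriving identity from request metadata. If the digest stays, `hashlib.sha256(user_agent.encode('utf-8')).hexdigest()[:8]` or `hashlib.md5(..., usedforsecurity=False)` avoids MD5 lint findings and failures on FIPS-restricted builds; `create` continues past the end of the hunk.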
@@ -1,5 +1,5 @@ from django.urls import path -from .views.category import HadisCategorySectListView, HadisCategoryTreeView, CategoriesView, CategoriesBySectView, HadisCategorySelectBySectView, HadisCategorySelectBySectSourceView , HadisCategoryTreeNormalView ,test_deploy +from .views.category import HadisCategorySectListView, HadisCategoryTreeView, CategoriesView, CategoriesBySectView, HadisCategorySelectBySectView, HadisCategorySelectBySectSourceView , HadisCategoryTreeNormalView ,test_deploy,debug_headers from .views.hadis import HadisCollectionListView, HadisListView, HadisBasicView, HadisDetailView, HadisSyncView, HadisTransmittersView, HadisCorrectionsView,HadisMainListView, HadisFiltersView from .views.transmitter import TransmitterView ,TransmitterDetailView, TransmitterSyncView,TransmitterOpinionView, TransmitterOriginalTextView, TransmitterFiltersView from .views.reference import BookDetailView, BookReferencesView, BookReferenceSyncView, BookAttributeView @@ -53,6 +53,7 @@ urlpatterns = [ path('/corrections/', cached_view(HadisCorrectionsView.as_view()), name='hadis-corrections'), path('/', cached_view(HadisBasicView.as_view()), name='hadis-basic'), # ← Least specific LAST - path('test-deploy',test_deploy , name='test') + path('test-deploy',test_deploy , name='test'), + path('debug-headers',debug_headers , name='headers'), ] diff --git a/apps/hadis/views/category.py b/apps/hadis/views/category.py index ac2bc80..e249f69 100644 --- a/apps/hadis/views/category.py +++ b/apps/hadis/views/category.py 
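Review bot: The new `debug-headers` route in the `@@ -53,6 +53,7 @@` hunk is registered unconditionally in `urlpatterns`, next to the existing `test-deploy` route, so the diagnostic view is reachable on every deployment that loads this urlconf, including the one described by `docker-compose.prod.yml`. Diagnostic routes are safer when they are only registered on request, for example `if getattr(settings, 'ENABLE_DEBUG_ROUTES', False): urlpatterns += [path('debug-headers', debug_headers, name='headers')]` with `from django.conf import settings` at the top; `ENABLE_DEBUG_ROUTES` is a placeholder name for a project setting that defaults to off. The route names `test` and `headers` are also very generic and could collide with other apps if this urlconf is not namespaced, which cannot be seen from the hunk.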
@@ -321,4 +321,27 @@ def test_deploy(request): return Response({ "received_headers": headers, "active_auth_settings": auth_settings - }) \ No newline at end of file + }) + +from django.http import JsonResponse +from django.conf import settings +def debug_headers(request): + # # Security: strictly limitation to prevent leaking sensitive info to public + # # Only allow if a specific secret key is passed in the URL + # if request.GET.get('secret_debug_key') != 'super_secret_123': + # return JsonResponse({'error': 'Unauthorized'}, status=403) + + # Return all HTTP headers Django received from Nginx + headers = { + k: v for k, v in request.META.items() + if k.startswith('HTTP_') or k in ['CONTENT_TYPE', 'CONTENT_LENGTH'] + } + + # Also return the scheme Django thinks it is using + scheme_debug = { + 'scheme': request.scheme, + 'is_secure': request.is_secure(), + 'SECURE_PROXY_SSL_HEADER_SETTING': getattr(settings, 'SECURE_PROXY_SSL_HEADER', None), + } + + return JsonResponse({'headers': headers, 'debug': scheme_debug}) \ No newline at end of file diff --git a/docker-compose.prod.yml b/docker-compose.prod.yml index 72a0cbc..d9acd5c 100644 --- a/docker-compose.prod.yml +++ b/docker-compose.prod.yml @@ -53,7 +53,7 @@ services: env_file: .env.prod command: celery -A config worker -l info volumes: - - .:/usr/src/app/ + # - .:/usr/src/app/ - staticfiles_volume:/usr/src/app/staticfiles - media_volume:/usr/src/app/media - logs_volume:/usr/src/app/logs @@ -72,7 +72,7 @@ services: env_file: .env.prod command: celery -A config beat -l info volumes: - - .:/usr/src/app/ + # - .:/usr/src/app/ - logs_volume:/usr/src/app/logs depends_on: - imam-javad_redis
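Review bot: `debug_headers` returns every `HTTP_*` entry of `request.META` to any caller, because the only access check in the function is commented out. That set includes `HTTP_AUTHORIZATION` and `HTTP_COOKIE`, so the response echoes credentials and also discloses the proxy layout and the `SECURE_PROXY_SSL_HEADER` setting. Re-enabling the commented check as written would not be a good fix, since the key is hard-coded in source and a secret passed in the query string ends up in access logs. I would gate the view on an authenticated staff user and redact the credential-bearing headers, as sketched below; `request.user` in a plain Django view relies on session authentication being enabled, which should be confirmed for this project. The two imports added above the function also belong in the import block at the top of the module.

```python
# Headers that carry credentials and must never be echoed back.
_REDACTED_HEADERS = {'HTTP_AUTHORIZATION', 'HTTP_COOKIE', 'HTTP_X_CSRFTOKEN'}

def debug_headers(request):
    # Diagnostic only: refuse anyone who is not an authenticated staff user.
    if not (request.user.is_authenticated and request.user.is_staff):
        return JsonResponse({'error': 'Unauthorized'}, status=403)

    headers = {
        k: ('<redacted>' if k in _REDACTED_HEADERS else v)
        for k, v in request.META.items()
        if k.startswith('HTTP_') or k in ['CONTENT_TYPE', 'CONTENT_LENGTH']
    }
    # … unchanged: scheme_debug dict and JsonResponse return …
```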
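Review bot: The bind mount `- .:/usr/src/app/` is commented out rather than deleted in the celery worker hunk (`@@ -53,7 +53,7 @@`) and again in the celery beat hunk (`@@ -72,7 +72,7 @@`), which leaves dead configuration that can be re-enabled by accident. Dropping the host source mount is a sensible hardening step for production, so I would delete both lines outright. With the mount gone, both services run the code baked into their image, so it is worth confirming that they use the same image build as the web service, whose definition is outside these hunks, or the worker and the web process can end up on different code versions.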